Happy New Year! 🎉 – And stay safe: Why more attacks occur around the turn of the year

We wish you a successful, healthy, and relaxed New Year! To kick things off, here’s an important insight from real-world experience: Around holidays and the turn of the year, attacks typically increase – fewer staff, more stress (year-end closing!), many temporary replacements, and a surge in “fresh” phishing campaigns make it easy for attackers.

Why attacks increase around the New Year

• Reduced staffing & stand-ins: Approvals and payments are waved through more quickly.
• High workload: Year-end pressure & backlogs after the holidays → less time for thorough verification.
• Standard workflows on hold: Change freezes, followed by large update waves – a preferred attack window.
• New “New Year” patterns: Password resets, vacation balance notices, tax/invoice topics, parcel notifications.

Common scams at the start of the year

• “New year, new password”: Fake login pages (M365/Google/VPN) capturing credentials & MFA.
• “Outstanding invoice/Q1 budget”: CEO fraud/BEC with changed bank details.
• “Updated HR/travel policy”: Links to fake portals designed to harvest employee data.
• QRishing: QR codes on posters/invoices leading to fake payment pages.

Quick team reminder (copy & paste internally)

• Open links only via your own bookmarks, not from emails or QR codes – especially for logins or payments.
• Never enter MFA codes in a QR- or email-launched browser; always open the official app instead.
• Verify external senders and unusual payment requests via phone call.
• Report suspicious emails/QR codes using the phishing report button.

If something does go wrong

Act immediately: change the password, end active sessions, revoke tokens, check affected devices with EDR, stop payments/contact your bank, and report the incident. Better to report one time too many than once too few.

Happy New Year – and stay safe! Contact us if you’d like support securing your environment for the year ahead.